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WHAT IS CLAIMED IS: 

\ 

1\ A data transfer method performed at a proxy server, the method comprising: 
\ 

intercepting a data request from a client computer that is directed to a target server; 
durypting profile information; 

augmenting the data request by adding the encrypted profile information to the data 
request; and 

sending me augmented data request to the target server. 

2. The method orclaim 1 further comprising: 
receiving a reference token from the target server; 

receiving a second oata request from the client computer that is directed to the target 
server; \ 

augmenting the second data request by adding the reference token to the second data 

request; and \ 
sending the augmented seconcNdata request to the target server. 

3. The method of claim 2 wherein the rferference token comprises a reference to the profile 
information sent to the target server. \ 

4. The method of claim 1 further comprising ret^eving the profile information from a 
database based on an identity of a user. \ 

5. The method of claim 4 further comprising using the Internet Engineering Task Force 
DDENT protocol to determine the identity of the user. \ 

6. The method of claim 1 wherein encrypting profile informationVcomprises determining a 
session key and using the session key as an encryption key. \ 



- 16- 



A The method of claim 6 further comprising encrypting the session key, and wherein 
^augmenting the data request further comprises adding the encrypted session key to the 
data request. 

8. The method of claim 7 wherein using the session key to encrypt the profile information 
comprises using the session key as a symmetric encryption algorithm encryption key, and 
wherein encrjraing the session key comprises encrypting using a public key encryption 
algorithm and a public key associated with the target server. 

9. The method of claim sturdier comprising obtaining the public key from the target server. 

10. The method of claim 9 whereni obtaining the public key from the target server comprises 
sending a request to the target server to retrieve the public key. 

1 1 . The method of claim 1 wherein the data request comprises a hypertext transfer protocol 
(HTTP) request comprising a HTTP fielckthe target server comprises a HTTP server, and 
the client computer comprises a web browser application. 

12. The method of claim 1 wherein the profile information comprises information associated 
with the client computer. \ 

13. A data transfer method performed at an information server, the method comprising: 
receiving a data request from a proxy server; 

extracting profile information added to the data request by the proxy server; 
using the extracted profile information to generate a response; and 
sending the response to thi proxy server. 
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14. The method of claim 13 whenpin using the extracted profile information to generate a 
response comprises providinglthe extracted profile information to a web application and 
generating the response by processing the web application. 

15. The method of claim 14 wherein providing the extracted profile information comprises 
setting HTTP environment variables at a web server and wherein the web application 
comprises a common gateway interface script. 

16. The method of claim 13 furtner comprising storing the extracted profile information at 
the information server and associating a reference token with the stored profile 
information, and wherein thje response further comprises the reference token. 

17. The method of claim 16 further comprising: 

receiving from the proxy server a second data request comprising the reference token; 

extracting the reference tioken from the second data request; 

accessing the stored profile information based on the reference token; and 

using the stored profile (information to generate a response to the second data request. 

18. The method of claim lp wherein extracting the profile information comprises decrypting 
the profile information. * 

19. The method of claim/18 wherein the data request further comprises a session key added 
to the data request by the proxy server and wherein decrypting the profile information 
comprises using the Session key to decrypt the profile information. 

20. The method offedaim 19 further comprising decrypting the session key. 
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\ 

1 21. The method of claim 20 wherein decrypting the session key comprises decrypting using a 

2 public key algorithm and a private key of the information server, and wherein decrypting 

3 usuag the session key comprises decrypting using a symmetric decryption algorithm. 

1 22. A computer program residing on a computer-readable medium, comprising instructions 

2 for causing^ computer to: 

3/ intercept a data request from a client computer that is directed to a target server; 

4 encrypt profile information; 

5 augment the data request by adding the encrypted profile information to the data request; 

6 and \ 

7 send the augmented dark request to the target server. 

1 23. The program residing on theScomputer-readable medium of claim 22 further comprising 

2 instructions for causing a computer to: 

3 receive a reference token from tnk target server; 

4 receive a second data request from the client computer that is directed to the target server; 

5 augment the second data request by adding the reference token to the second data request; 

6 and \ 

7 send the augmented second data request t<Mie target server. 

1 24. The program residing on the computer-readablkmedium of claim 22 wherein: 

2 the instructions for causing the computer to encrypt profile information comprise 

3 instructions to encrypt the profile information ireing a session key and a symmetric 

4 encryption algorithm; \ 

5 the program further comprises instructions to encrypt tnte session key using a public key 

6 encryption algorithm; and \ 

7 the instructions to augment the data request further comprise instructions to add the 

8 encrypted session key to the data request. \ 
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1 2^A computer program residing on a computer-readable medium, comprising instructions 

2 ror causing a computer to: 

3 receive a data request comprising encrypted profile information added to the data request 

4 by\a proxy server; 

5 extract the profile information added by the proxy server; 

6 use the extracted profile information to generate a response; and 
send the response to the proxy server. 

1 26. The program resioing on the computer-readable medium of claim 25 further comprising 

2 instructions for causing a computer to: 

3 store the extracted profile information; 

4 associate a reference tolcen with the stored profile information; 

5 include the reference tokeii in the response to the proxy server; 

6 receive from the proxy server a second data request comprising the reference token; 

7 extract the reference token; \ 

8 access the stored profile information based on the presence of the reference token in the 

9 second data request; and \ 

10 use the accessed profile information to generate a response to the second data request. 

1 27. The program residing on the computer-Veadable medium of claim 25 wherein: 

2 the data request further comprises encrypted session key information; 

3 the program further comprises instmctionsYor causing the computer to decrypt the 

4 session key information; and \ 

5 the instructions to extract the profile information comprises instructions for causing the 

6 computer to decrypt the profile information using the decrypted session key. 

1 28. A proxy server comprising: \ 

2 a database comprising records storing user profile information; 
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\ a network interface operatively coupled to a network to exchange data with a client 
\ computer and with a target server; and 
a processor operatively coupled to the network interface, the database, and a memory 
comprising executable instructions for causing the processor to intercept a data 
request that is directed to a target server, retrieve a record from the database, encrypt 
profileSinformation in the record, augment the data request by adding the encrypted 
profile information, and send the augmented data request to the target server 

29. The proxy server of claim 28 wherein the memory further comprises instructions for 
causing the processor to receive a reference token from the target server, receive a second 
data request from the client computer that is directed to the target server, augment the 
second data request by aoding the reference token to the second data request, and send 
the augmented second data request to the target server. 

30. The proxy server of claim 28 wherein: 

the instructions for causing the computer to encrypt the profile information comprise 

instructions to encrypt the profile information using a session key and a symmetric 

encryption algorithm; \ 
the memory further comprises instructions to^encrypt the session key using a public key 

encryption algorithm; and \ 
the instructions to augment the data request furthekcomprise instructions to add the 

encrypted session key to the data request. \ 



3 1 . An information server comprising: \ 

a network interface operatively coupling the information server to a proxy server; and 
a processor operativejy coupled to the network interface and to a memory comprising 
executable inspections for causing the processor to receive a data request from the 
proxy servep; decrypt user profile information added to the data request by the target 
server; an4 use the decrypted user profile information to generate a response to the 
data request. 
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32. The ser^ct^fclaim 31 wherein the memory further comprise instructions to decrypt an 
encrypted sessionK&y^ded to the data request by the proxy server, and the instructions 
to decrypt user profile infonnatkaifiirther comprise instructions to decrypt the user 
profile information using the decrypted seSstsijJcey. 
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